maiora/backend-api-DSU
2
0
Fork 0
forked from maiora/backend-api
Code Pull Requests Activity

Compare commits

base: maiora:728eca6dd66863c3b48a142f6acd5e9098391a35
Branches Tags
maiora:main
maiora:0002440-endpoint-prodottiDisponibili
maiora:dev
maiora:0002438-endpoint-puntiDistribuzione
maiora:0002439-endpoint-slotOrari
maiora:0002357-endpoint-ricariche
maiora:0002393-endpoint-valorePasti
maiora:0002358-endpoint-composizioni
maiora:0002350-endpoint-movimenti
maiora:0002343-endpoint-tessere
maiora:dev
maiora:main
..
compare: maiora/backend-api-DSU:e3fc1f73b73c024b8ea6ccf9d7a1baf1336a89ff
Branches Tags
maiora/backend-api-DSU:0002440-endpoint-prodottiDisponibili
maiora/backend-api-DSU:dev
maiora/backend-api-DSU:0002438-endpoint-puntiDistribuzione
maiora/backend-api-DSU:0002439-endpoint-slotOrari
maiora/backend-api-DSU:main
maiora/backend-api-DSU:0002357-endpoint-ricariche
maiora/backend-api-DSU:0002393-endpoint-valorePasti
maiora/backend-api-DSU:0002358-endpoint-composizioni
maiora/backend-api-DSU:0002350-endpoint-movimenti
maiora/backend-api-DSU:0002343-endpoint-tessere
maiora:dev
maiora:main

No commits in common. "728eca6dd66863c3b48a142f6acd5e9098391a35" and "e3fc1f73b73c024b8ea6ccf9d7a1baf1336a89ff" have entirely different histories.
728eca6dd6 ... e3fc1f73b7

5 changed files with 65 additions and 69 deletions
Show Stats Expand all files Collapse all files

5
build.gradle.kts
View File

@ -35,8 +35,9 @@ dependencies {
implementation("org.jetbrains.exposed:exposed-dao:$exposed_version") implementation("org.jetbrains.exposed:exposed-dao:$exposed_version")
implementation("org.jetbrains.kotlinx:kotlinx-datetime:0.6.1") implementation("org.jetbrains.kotlinx:kotlinx-datetime:0.6.1")
implementation ("org.jetbrains.exposed:exposed-java-time:$exposed_version") implementation ("org.jetbrains.exposed:exposed-java-time:$exposed_version")
implementation("io.ktor:ktor-server-auth:$ktor_version") implementation("io.jsonwebtoken:jjwt-api:0.11.5")
implementation("io.ktor:ktor-server-auth-jwt:$ktor_version") implementation("io.jsonwebtoken:jjwt-impl:0.11.5")
implementation("io.jsonwebtoken:jjwt-jackson:0.11.5")
testImplementation("io.ktor:ktor-server-test-host-jvm") testImplementation("io.ktor:ktor-server-test-host-jvm")
testImplementation("org.jetbrains.kotlin:kotlin-test-junit:$kotlin_version") testImplementation("org.jetbrains.kotlin:kotlin-test-junit:$kotlin_version")
} }

4
src/main/kotlin/eu/maiora/Application.kt
View File

@ -1,6 +1,7 @@
package eu.maiora package eu.maiora
import eu.maiora.plugins.configureDatabases import eu.maiora.plugins.configureDatabases
//import eu.maiora.model.LogScriptRepositoryImpl
import eu.maiora.plugins.* import eu.maiora.plugins.*
import io.ktor.http.* import io.ktor.http.*
import io.ktor.server.application.* import io.ktor.server.application.*
@ -20,10 +21,11 @@ fun Application.module() {
val dbUrl = config.property("ktor.database.url").getString(); val dbUrl = config.property("ktor.database.url").getString();
val username = config.property("ktor.database.username").getString(); val username = config.property("ktor.database.username").getString();
val password = config.property("ktor.database.password").getString(); val password = config.property("ktor.database.password").getString();
//val repository = LogScriptRepositoryImpl()
configureDatabases(dbUrl, username, password) configureDatabases(dbUrl, username, password)
//configureRouting(dbUrl, username, password, repository)
configureRouting(dbUrl, username, password) configureRouting(dbUrl, username, password)
configureSerialization() configureSerialization()
install(CallLogging) install(CallLogging)
install(CORS){ install(CORS){
anyHost() anyHost()

5
src/main/kotlin/eu/maiora/plugins/Routing.kt
View File

@ -18,6 +18,9 @@ fun Application.configureRouting(dbUrl : String, username : String, password : S
call.respondText("Hello World!") call.respondText("Hello World!")
} }
auth(AccountsRepositoryImpl()) auth(AccountsRepositoryImpl(), ParametriRepositoryImpl())
//analizzaURLRoute()
//eseguiScriptSQLRoute(dbUrl, username, password)
//logScriptRouting(repository)
} }
} }

65
src/main/kotlin/eu/maiora/routes/Auth.kt
View File

@ -1,11 +1,13 @@
package eu.maiora.routes package eu.maiora.routes
import com.auth0.jwt.JWT import com.fasterxml.jackson.databind.ser.Serializers.Base
import com.auth0.jwt.algorithms.Algorithm
import eu.maiora.model.AccountsRepositoryImpl import eu.maiora.model.AccountsRepositoryImpl
import eu.maiora.model.ParametriRepositoryImpl
import io.jsonwebtoken.Jwts
import io.jsonwebtoken.SignatureAlgorithm
import io.jsonwebtoken.security.Keys
import io.ktor.http.* import io.ktor.http.*
import io.ktor.server.application.* import io.ktor.server.application.*
import io.ktor.server.config.*
import io.ktor.server.request.* import io.ktor.server.request.*
import io.ktor.server.response.* import io.ktor.server.response.*
import io.ktor.server.routing.* import io.ktor.server.routing.*
@ -15,35 +17,26 @@ import org.slf4j.LoggerFactory
import java.util.* import java.util.*
fun Route.auth(accountsRepository: AccountsRepositoryImpl) { fun Route.auth(accountsRepository: AccountsRepositoryImpl, parametriRepository: ParametriRepositoryImpl){
route("/auth") {
post() { post("/auth"){
// Riceve il body della richiesta e lo deserializza in ReceivedResponse // Riceve il body della richiesta e lo deserializza in ReceivedResponse
val receivedResponse = try { val receivedResponse = try {
call.receive<ReceivedResponse>() call.receive<ReceivedResponse>()
} catch (e: Exception) { } catch (e: Exception) {
return@post call.respondText( return@post call.respondText("Body mancante " + e.stackTraceToString(), status = HttpStatusCode.BadRequest)
"Body mancante " + e.stackTraceToString(),
status = HttpStatusCode.BadRequest
)
} }
val logger = LoggerFactory.getLogger("AuthRoute") val logger = LoggerFactory.getLogger("AuthRoute")
logger.info( logger.info("param: " +
"param: " + receivedResponse.param);
receivedResponse.param
);
// Decodifica la stringa da Base64 a oggetto Credentials // Decodifica la stringa da Base64 a oggetto Credentials
val decodedBytes = Base64.getDecoder().decode(receivedResponse.param) val decodedBytes = Base64.getDecoder().decode(receivedResponse.param)
val decodedString = String(decodedBytes) val decodedString = String(decodedBytes)
val credentials = try { val credentials = Json.decodeFromString<Credentials>(decodedString)
Json.decodeFromString<Credentials>(decodedString)
} catch (e: Exception) {
return@post call.respondText(
"Errore nel param. Verificare la codifica. \n" + e.stackTraceToString(),
status = HttpStatusCode.BadRequest
)
}
//verifica credenziali (recupero account dal database) //verifica credenziali (recupero account dal database)
val account = accountsRepository.accountByUsername(credentials.username) val account = accountsRepository.accountByUsername(credentials.username)
@ -58,34 +51,36 @@ fun Route.auth(accountsRepository: AccountsRepositoryImpl) {
).reverse().toString().toByteArray() ).reverse().toString().toByteArray()
) )
) )
if (passwordPlain.equals(credentials.password)) { if(passwordPlain.equals(credentials.password)){
val config = ApplicationConfig("application.conf") val parametro = parametriRepository.parametroByChiave("jwt_secret")
val secret = config.property("ktor.jwt.secret").getString() if (parametro != null) {
val key = Keys.hmacShaKeyFor(parametro.valore.toByteArray())
val now = System.currentTimeMillis() val now = System.currentTimeMillis()
val expiration = now + 86400000 // Scadenza tra 1 giorno (24 ore) val expiration = now + 86400000 // Scadenza tra 1 giorno (24 ore)
val token = JWT.create() val token = Jwts.builder()
.withSubject(account.username) .setSubject(account.username) // Soggetto del JWT
.withIssuedAt(Date(now)) .setIssuedAt(Date(now)) // Data di emissione
.withExpiresAt(Date(expiration)) .setExpiration(Date(expiration)) // Data di scadenza
.sign(Algorithm.HMAC256(secret)) .signWith(key, SignatureAlgorithm.HS256) // Firma con una chiave segreta
.compact()
// Risponde con la stringa decodificata // Risponde con la stringa decodificata
call.respond(HttpStatusCode.OK, token) call.respond(HttpStatusCode.OK, token)
}
} else { }
else {
call.respond(HttpStatusCode.Unauthorized) call.respond(HttpStatusCode.Unauthorized)
} }
} else { }
else {
call.respond(HttpStatusCode.Unauthorized) call.respond(HttpStatusCode.Unauthorized)
} }
} }
}
} }
@Serializable @Serializable

5
src/main/resources/application.conf
View File

@ -13,9 +13,4 @@ ktor {
;username = "EP_DONORIONE" ;username = "EP_DONORIONE"
;password = "ep_donorione" ;password = "ep_donorione"
} }
jwt {
# secret per JWT generato partendo dalla stringa '?Backend_API*06022025!' codificato in Base64
secret = "P0JhY2tlbmRfQVBJKjA2MDIyMDI1IQ=="
}
} }